Agentic application security company Checkmarx today unveiled Checkmarx One, a platform built for the age of agentic development.
The platform embeds agentic, AI-driven security across code, dependencies, AI assets and runtime, which allows enterprises to have oversight and visibility into security right from the start.
“Traditional AppSec was never built to deal with AI coding,” where code is generated at machine speed, Eran Kinsbruner, vice president of marketing at Checkmarx, told SD Times. “When you talk about AI, you talk about unprecedented scale and velocity. And the only way to stay on top of that is by matching the very same capabilities, especially on the velocity and scale.”
Kinsbruner pointed out that if you simply trust the thousands of lines of code that AI can generate in minutes or less, you’ll be creating a build without any code quality, review and security. “And, if you’re passing in the AI scale and velocity phase of the IDE, or you’re going to merge AI code into existing legacy code, then you’re moving toward the source control, management, the CI/CD pipeline, and [in terms of security], it’s already too late. The code is already moving to the next job. So it’s kind of an endless loop here that you need to govern” to ensure security.
Checkmarx views this as an evolution from the software development life cycle to the agentic development life cycle, Kinsbruner said. “The way we see the agentic development life cycle, you have multiple control points. If you’re able to govern these control points with automated AI code reviews, AI quality checks, but also agentic AI security in the coding phase within the IDE, then after the pull request, if you missed anything in the coding and throughout the entire AI supply chain up until production, you can vibe code successfully, securely, and you can actually bridge the risk gap that we’re talking about between velocity and security. Because right now, this is kind of the barrier you have, a gap between the rate that AI gives you as a software engineer or AI engineer and the security that you have at the end of the road.”
At the core of the reimagined Checkmarx One platform is a new architecture powered by agentic security agents and AI-native intelligence across the software and AI supply chain.
According to the company’s release, key innovations within Checkmarx One include:
Triage Assist, an autonomous AI agent that prioritizes vulnerabilities in source control based on real-world exploitability and contextual risk, enabling teams to focus on what really matters rather than static severity scores.
Remediation Assist, which generates review-ready fixes for validated vulnerabilities before code merges, accelerating secure delivery and reducing manual remediation overhead.
AI Supply Chain Security, a centralized governance and visibility layer for AI components embedded in modern applications. It discovers hidden AI assets, including models, agents, datasets, prompts, and AI-BOM components, detects model-loading and execution risks, and enforces policy within existing development workflows.
AI SAST, a hybrid LLM-powered and query-based analysis engine that expands detection across emerging, unsupported, and AI-generated programming languages, extending security beyond traditional rules-based scanning.
DAST for AI, a next-generation dynamic analysis engine that strengthens runtime security across CI/CD and production environments, supporting flexible testing strategies for AI-accelerated applications.
Together, the company said in its announcement, these innovations “shift application security from reactive review to agentic governance, aligned with the speed and complexity of AI-driven software development.”
“AI has compressed the software development lifecycle from months to minutes,” Jonathan Rende, chief product officer at Checkmarx, said in the announcement. “When applications move that fast, risk compounds just as quickly. Our redesigned agentic platform allows development organizations to innovate at machine speed while securing AI generated applications to protect the business.”







